Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/5PKoZiAvS4y8MzgtboLYHYlkyA4.mft
File: 5PKoZiAvS4y8MzgtboLYHYlkyA4.mft (raw, json)
Hash identifier: 3IBSimb7vSzhhu2+7NFN3zJabuIQwvC7nNPFayv9E0A=
Subject key identifier: 09:15:77:AA:B0:33:68:59:D0:EE:B2:4E:49:06:FD:A5:C6:9E:3F:AF
Authority key identifier: E4:F2:A8:66:20:2F:4B:8C:BC:33:38:2D:6E:82:D8:1D:89:64:C8:0E
Certificate issuer: /CN=e4f2a866202f4b8cbc33382d6e82d81d8964c80e
Certificate serial: 019CA9B3CBF4A6D97A13E4D421A2CB9844C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5PKoZiAvS4y8MzgtboLYHYlkyA4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/5PKoZiAvS4y8MzgtboLYHYlkyA4.mft
Manifest number: 1846
Signing time: Sun 01 Mar 2026 14:00:58 +0000
Manifest this update: Sun 01 Mar 2026 14:00:58 +0000
Manifest next update: Mon 02 Mar 2026 14:00:58 +0000
Files and hashes: 1: 0_tFJYeiflxsIJ9bhjlTeIiAEJc.roa (hash: USV70Tn6bwMKjWSZ09NQefEfFL6vsHQ3fPX3IL9JI1s=)
2: 5PKoZiAvS4y8MzgtboLYHYlkyA4.crl (hash: VYQcBQKRUgCZTe8yJMdXu0A8M9WqMKPM4SwZq6tYs/w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/5PKoZiAvS4y8MzgtboLYHYlkyA4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/5PKoZiAvS4y8MzgtboLYHYlkyA4.mft
rsync://rpki.ripe.net/repository/DEFAULT/5PKoZiAvS4y8MzgtboLYHYlkyA4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 14:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a9:b3:cb:f4:a6:d9:7a:13:e4:d4:21:a2:cb:98:44:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4f2a866202f4b8cbc33382d6e82d81d8964c80e
Validity
Not Before: Mar 1 14:00:58 2026 GMT
Not After : Mar 2 14:00:58 2026 GMT
Subject: CN=091577aab0336859d0eeb24e4906fda5c69e3faf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:41:0e:78:fa:ea:a8:80:44:99:81:66:4a:61:
95:c5:e4:75:57:c1:e9:86:82:88:98:95:69:62:c9:
6d:14:24:b0:42:d7:ad:cd:5b:c1:1d:04:d6:00:aa:
21:21:9a:8c:2f:27:f1:06:70:1c:7c:55:c8:95:4d:
e7:04:18:04:ad:44:1e:45:d5:af:41:4b:e2:a9:43:
51:2a:0f:e4:53:47:b0:fc:f6:ab:64:57:97:a9:4d:
8f:ea:64:60:e0:83:ea:92:a7:ad:41:eb:73:5c:27:
c1:d2:2d:05:b1:9e:97:cb:77:ea:ab:30:6f:52:c1:
d6:39:be:7b:69:a1:82:53:75:75:d2:94:06:55:39:
f9:d2:4c:ce:8e:9e:0c:e7:37:b9:64:00:23:5d:41:
7a:b8:9a:d2:bb:2b:25:24:36:b9:25:f9:be:ee:7e:
1d:d8:04:58:81:a9:5e:d8:ed:2c:8f:46:90:b6:66:
7d:1c:02:59:ba:49:61:d3:e1:80:ff:b4:a8:32:a9:
35:68:26:df:b2:38:7a:84:0c:e7:a9:7d:e7:69:f2:
1f:46:9a:06:29:d2:75:1a:2b:a8:cb:90:f4:ab:f2:
d3:22:55:18:67:56:1b:ac:d7:63:e9:3a:81:a3:e1:
1a:f5:43:e6:2d:2f:01:0e:c8:e8:d1:14:50:86:18:
dc:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:15:77:AA:B0:33:68:59:D0:EE:B2:4E:49:06:FD:A5:C6:9E:3F:AF
X509v3 Authority Key Identifier:
keyid:E4:F2:A8:66:20:2F:4B:8C:BC:33:38:2D:6E:82:D8:1D:89:64:C8:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5PKoZiAvS4y8MzgtboLYHYlkyA4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/5PKoZiAvS4y8MzgtboLYHYlkyA4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/8791a1-e679-4663-a2da-1a513df069fc/1/5PKoZiAvS4y8MzgtboLYHYlkyA4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8d:df:ed:54:2d:1a:28:29:23:59:e2:68:b7:28:af:84:eb:eb:
75:88:64:05:8f:2b:29:52:8c:be:51:82:5a:e5:40:55:4e:b2:
f1:3f:a5:89:3e:83:a1:66:71:14:bf:fe:28:67:a0:9a:00:08:
98:65:ba:da:3e:7c:5e:fc:3e:ff:42:26:f4:e9:2a:f6:7e:8d:
4b:03:3e:ce:5e:c0:b6:61:30:81:51:da:70:d6:3e:aa:31:8f:
1a:19:d3:67:a6:21:43:2d:c9:37:7d:e7:51:06:c8:08:87:0c:
92:16:73:28:7a:03:85:7f:fa:53:0f:7c:d9:89:ec:5e:af:f4:
54:b5:87:58:90:e8:24:70:5b:53:6c:b3:dd:d6:0d:59:b2:65:
80:8a:24:9c:ed:8f:f2:10:d6:0e:d4:7b:39:75:80:ee:56:f2:
3c:7b:c7:f9:62:7a:59:85:c7:a2:70:cd:36:9d:1f:33:6c:b7:
90:64:69:ac:3b:00:34:97:4a:70:2f:49:6c:95:01:f3:e0:22:
6f:97:c2:d7:8d:e4:f6:f6:4c:78:e5:d2:1d:00:a5:5c:23:50:
20:e6:82:62:5b:31:9c:7f:9e:a1:63:c1:21:98:65:39:96:22:
aa:1c:ed:b6:a6:71:2e:f9:3b:15:98:23:ae:3b:bc:ef:98:69:
5f:d4:2d:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyps8v0ptl6E+TUIaLLmETEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0ZjJhODY2MjAyZjRiOGNiYzMzMzgyZDZlODJkODFkODk2
NGM4MGUwHhcNMjYwMzAxMTQwMDU4WhcNMjYwMzAyMTQwMDU4WjAzMTEwLwYDVQQD
EygwOTE1NzdhYWIwMzM2ODU5ZDBlZWIyNGU0OTA2ZmRhNWM2OWUzZmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0EOePrqqIBEmYFmSmGVxeR1V8Hp
hoKImJVpYsltFCSwQtetzVvBHQTWAKohIZqMLyfxBnAcfFXIlU3nBBgErUQeRdWv
QUviqUNRKg/kU0ew/ParZFeXqU2P6mRg4IPqkqetQetzXCfB0i0FsZ6Xy3fqqzBv
UsHWOb57aaGCU3V10pQGVTn50kzOjp4M5ze5ZAAjXUF6uJrSuyslJDa5Jfm+7n4d
2ARYgale2O0sj0aQtmZ9HAJZuklh0+GA/7SoMqk1aCbfsjh6hAznqX3nafIfRpoG
KdJ1Giuoy5D0q/LTIlUYZ1YbrNdj6TqBo+Ea9UPmLS8BDsjo0RRQhhjcAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAkVd6qwM2hZ0O6yTkkG/aXGnj+vMB8GA1UdIwQY
MBaAFOTyqGYgL0uMvDM4LW6C2B2JZMgOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVBLb1ppQXZTNHk4TXpndGJvTFlIWWxreUE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy84NzkxYTEtZTY3OS00NjYzLWEyZGEt
MWE1MTNkZjA2OWZjLzEvNVBLb1ppQXZTNHk4TXpndGJvTFlIWWxreUE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy84NzkxYTEtZTY3OS00NjYzLWEyZGEtMWE1MTNkZjA2OWZj
LzEvNVBLb1ppQXZTNHk4TXpndGJvTFlIWWxreUE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjd/tVC0a
KCkjWeJotyivhOvrdYhkBY8rKVKMvlGCWuVAVU6y8T+liT6DoWZxFL/+KGegmgAI
mGW62j58Xvw+/0Im9Okq9n6NSwM+zl7AtmEwgVHacNY+qjGPGhnTZ6YhQy3JN33n
UQbICIcMkhZzKHoDhX/6Uw982YnsXq/0VLWHWJDoJHBbU2yz3dYNWbJlgIoknO2P
8hDWDtR7OXWA7lbyPHvH+WJ6WYXHonDNNp0fM2y3kGRprDsANJdKcC9JbJUB8+Ai
b5fC143k9vZMeOXSHQClXCNQIOaCYlsxnH+eoWPBIZhlOZYiqhzttqZxLvk7FZgj
rju875hpX9Qthg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:15:25 2026 by rpki-client